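/* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */

/*
 * Updated: Joshua Brindle <jbrindle@tresys.com>
 *	    Karl MacMillan <kmacmillan@tresys.com>
 *	    Jason Tang <jtang@tresys.com>
 *
 *	Module support
 *
 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
 *
 *	Support for enhanced MLS infrastructure.
 *
 * Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
 *
 *	Added conditional policy language extensions
 *
 * Updated: Red Hat, Inc.  James Morris <jmorris@redhat.com>
 *
 *	Fine-grained netlink support
 *	IPv6 support
 *	Code cleanup
 *
 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
 * Copyright (C) 2003 - 2004 Tresys Technology, LLC
 * Copyright (C) 2003 - 2004 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */

/* FLASK */

/*
 * A policy database (policydb) specifies the
 * configuration data for the security policy.
 *
 * This header declares the in-memory representation of a policy
 * (kernel policy, base module or module), the per-symbol datum
 * types that live in its symbol tables, the module-only rule and
 * scope structures, and the read/write entry points that convert
 * between this representation and a binary policy image.
 */

#ifndef _SEPOL_POLICYDB_POLICYDB_H_
#define _SEPOL_POLICYDB_POLICYDB_H_

#include <stdio.h>
#include <stddef.h>

#include <sepol/policydb.h>

#include <sepol/policydb/flask_types.h>
#include <sepol/policydb/symtab.h>
#include <sepol/policydb/avtab.h>
#include <sepol/policydb/context.h>
#include <sepol/policydb/constraint.h>
#include <sepol/policydb/sidtab.h>

/* Size of the scratch buffer used for formatted error messages. */
#define ERRMSG_LEN 1024

/* Return codes shared by the policydb_* functions below. */
#define POLICYDB_SUCCESS      0
#define POLICYDB_ERROR        -1
#define POLICYDB_UNSUPPORTED  -2

/*
 * A datum type is defined for each kind of symbol
 * in the configuration data:  individual permissions,
 * common prefixes for access vectors, classes,
 * users, roles, types, sensitivities, categories, etc.
 */

/*
 * type set preserves data needed by modules such as *, ~ and attributes.
 * `types` is the explicit set; `negset` holds the types removed with `-`;
 * `flags` records whether `*` (TYPE_STAR) or `~` (TYPE_COMP) was used.
 */
typedef struct type_set {
	ebitmap_t types;
	ebitmap_t negset;
#define TYPE_STAR 1
#define TYPE_COMP 2
	uint32_t flags;
} type_set_t;

/* Same shape as type_set_t, for sets of roles. */
typedef struct role_set {
	ebitmap_t roles;
#define ROLE_STAR 1
#define ROLE_COMP 2
	uint32_t flags;
} role_set_t;

/* Permission attributes */
typedef struct perm_datum {
	symtab_datum_t s;
} perm_datum_t;

/* Attributes of a common prefix for access vectors */
typedef struct common_datum {
	symtab_datum_t s;
	symtab_t permissions;	/* common permissions */
} common_datum_t;

/* Class attributes */
typedef struct class_datum {
	symtab_datum_t s;
	char *comkey;		/* common name */
	common_datum_t *comdatum;	/* common datum */
	symtab_t permissions;	/* class-specific permission symbol table */
	constraint_node_t *constraints;	/* constraints on class permissions */
	constraint_node_t *validatetrans;	/* special transition rules */
/* Options how a new object user and role should be decided */
#define DEFAULT_SOURCE 1
#define DEFAULT_TARGET 2
	char default_user;
	char default_role;
	char default_type;
/* Options how a new object range should be decided */
#define DEFAULT_SOURCE_LOW 1
#define DEFAULT_SOURCE_HIGH 2
#define DEFAULT_SOURCE_LOW_HIGH 3
#define DEFAULT_TARGET_LOW 4
#define DEFAULT_TARGET_HIGH 5
#define DEFAULT_TARGET_LOW_HIGH 6
	char default_range;
} class_datum_t;

/* Role attributes */
typedef struct role_datum {
	symtab_datum_t s;
	ebitmap_t dominates;	/* set of roles dominated by this role */
	type_set_t types;	/* set of authorized types for role */
	ebitmap_t cache;	/* This is an expanded set used for context validation during parsing */
	uint32_t bounds;	/* bounds role, if exist */
#define ROLE_ROLE 0		/* regular role in kernel policies */
#define ROLE_ATTRIB 1		/* attribute */
	uint32_t flavor;
	ebitmap_t roles;	/* roles with this attribute */
} role_datum_t;

/* Compiled (kernel-policy) role transition; module form is role_trans_rule_t. */
typedef struct role_trans {
	uint32_t role;		/* current role */
	uint32_t type;		/* program executable type, or new object type */
	uint32_t tclass;	/* process class, or new object class */
	uint32_t new_role;	/* new role */
	struct role_trans *next;
} role_trans_t;

/* Compiled (kernel-policy) role allow; module form is role_allow_rule_t. */
typedef struct role_allow {
	uint32_t role;		/* current role */
	uint32_t new_role;	/* new role */
	struct role_allow *next;
} role_allow_t;

/* filename_trans rules: (stype, ttype, tclass, name) -> otype.
 * `name` is a heap string owned by the node. */
typedef struct filename_trans {
	uint32_t stype;
	uint32_t ttype;
	uint32_t tclass;
	char *name;
	uint32_t otype;
	struct filename_trans *next;
} filename_trans_t;

/* Type attributes */
typedef struct type_datum {
	symtab_datum_t s;
	uint32_t primary;	/* primary name? can be set to primary value if below is TYPE_ */
#define TYPE_TYPE 0		/* regular type or alias in kernel policies */
#define TYPE_ATTRIB 1		/* attribute */
#define TYPE_ALIAS 2		/* alias in modular policy */
	uint32_t flavor;
	ebitmap_t types;	/* types with this attribute */
#define TYPE_FLAGS_PERMISSIVE 0x01
	uint32_t flags;
	uint32_t bounds;	/* bounds type, if exist */
} type_datum_t;

/*
 * Properties of type_datum
 * available on the policy version >= (MOD_)POLICYDB_VERSION_BOUNDARY
 */
#define TYPEDATUM_PROPERTY_PRIMARY	0x0001
#define TYPEDATUM_PROPERTY_ATTRIBUTE	0x0002
#define TYPEDATUM_PROPERTY_ALIAS	0x0004	/* userspace only */
#define TYPEDATUM_PROPERTY_PERMISSIVE	0x0008	/* userspace only */

/* User attributes */
typedef struct user_datum {
	symtab_datum_t s;
	role_set_t roles;	/* set of authorized roles for user */
	mls_semantic_range_t range;	/* MLS range (min. - max.) for user */
	mls_semantic_level_t dfltlevel;	/* default login MLS level for user */
	ebitmap_t cache;	/* This is an expanded set used for context validation during parsing */
	mls_range_t exp_range;	/* expanded range used for validation */
	mls_level_t exp_dfltlevel;	/* expanded default level used for validation */
	uint32_t bounds;	/* bounds user, if exist */
} user_datum_t;

/* Sensitivity attributes.
 * Note: unlike the other datums this one carries no symtab_datum_t header;
 * the value lives inside *level. */
typedef struct level_datum {
	mls_level_t *level;	/* sensitivity and associated categories */
	unsigned char isalias;	/* is this sensitivity an alias for another? */
	unsigned char defined;
} level_datum_t;

/* Category attributes */
typedef struct cat_datum {
	symtab_datum_t s;
	unsigned char isalias;	/* is this category an alias for another? */
} cat_datum_t;

/* Compiled MLS range transition: (source_type, target_type, target_class)
 * -> target_range.  Module form is range_trans_rule_t. */
typedef struct range_trans {
	uint32_t source_type;
	uint32_t target_type;
	uint32_t target_class;
	mls_range_t target_range;
	struct range_trans *next;
} range_trans_t;

/* Boolean data type */
typedef struct cond_bool_datum {
	symtab_datum_t s;
	int state;
#define COND_BOOL_FLAGS_TUNABLE	0x01	/* is this a tunable? */
	uint32_t flags;
} cond_bool_datum_t;

struct cond_node;

typedef struct cond_node cond_list_t;
struct cond_av_list;

/* One (class, data) pair of an avrule; `data` is a permission bitmap for
 * AV rules and a type value for type rules (see avrule_t.specified). */
typedef struct class_perm_node {
	uint32_t class;
	uint32_t data;		/* permissions or new type */
	struct class_perm_node *next;
} class_perm_node_t;

/* A source-level (module) TE rule, kept unexpanded so that `*`, `~` and
 * attributes in its type sets survive linking. */
typedef struct avrule {
/* these typedefs are almost exactly the same as those in avtab.h - they are
 * here because of the need to include neverallow and dontaudit messages */
#define AVRULE_ALLOWED     1
#define AVRULE_AUDITALLOW  2
#define AVRULE_AUDITDENY   4
#define AVRULE_DONTAUDIT   8
#define AVRULE_NEVERALLOW 128
#define AVRULE_AV         (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW)
#define AVRULE_TRANSITION 16
#define AVRULE_MEMBER     32
#define AVRULE_CHANGE     64
#define AVRULE_TYPE       (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE)
	uint32_t specified;	/* exactly one of the AVRULE_* kinds above */
#define RULE_SELF 1
	uint32_t flags;		/* RULE_SELF: the target set includes `self` */
	type_set_t stypes;
	type_set_t ttypes;
	class_perm_node_t *perms;
	unsigned long line;	/* line number from policy.conf where
				 * this rule originated  */
	/* source file name and line number (e.g. .te file) */
	char *source_filename;
	unsigned long source_line;
	struct avrule *next;
} avrule_t;

/* Module form of role_trans_t, keyed by sets rather than single values. */
typedef struct role_trans_rule {
	role_set_t roles;	/* current role */
	type_set_t types;	/* program executable type, or new object type */
	ebitmap_t classes;	/* process class, or new object class */
	uint32_t new_role;	/* new role */
	struct role_trans_rule *next;
} role_trans_rule_t;

/* Module form of role_allow_t. */
typedef struct role_allow_rule {
	role_set_t roles;	/* current role */
	role_set_t new_roles;	/* new roles */
	struct role_allow_rule *next;
} role_allow_rule_t;

/* Module form of filename_trans_t. */
typedef struct filename_trans_rule {
	type_set_t stypes;
	type_set_t ttypes;
	uint32_t tclass;
	char *name;
	uint32_t otype;		/* new type */
	struct filename_trans_rule *next;
} filename_trans_rule_t;

/* Module form of range_trans_t; the range is still semantic (unexpanded). */
typedef struct range_trans_rule {
	type_set_t stypes;
	type_set_t ttypes;
	ebitmap_t tclasses;
	mls_semantic_range_t trange;
	struct range_trans_rule *next;
} range_trans_rule_t;

/*
 * The configuration data includes security contexts for
 * initial SIDs, unlabeled file systems, TCP and UDP port numbers,
 * network interfaces, and nodes.  This structure stores the
 * relevant data for one such entry.  Entries of the same kind
 * (e.g. all initial SIDs) are linked together into a list.
 *
 * Which member of `u` and `v` is meaningful depends on the OCON_*
 * list the entry lives in; nothing in the struct records it.
 */
typedef struct ocontext {
	union {
		char *name;	/* name of initial SID, fs, netif, fstype, path */
		struct {
			uint8_t protocol;
			uint16_t low_port;
			uint16_t high_port;
		} port;		/* TCP or UDP port information */
		struct {
			uint32_t addr;	/* network order */
			uint32_t mask;	/* network order */
		} node;		/* node information */
		struct {
			uint32_t addr[4];	/* network order */
			uint32_t mask[4];	/* network order */
		} node6;	/* IPv6 node information */
		uint32_t device;
		uint16_t pirq;
		struct {
			uint32_t low_iomem;
			uint32_t high_iomem;
		} iomem;
		struct {
			uint32_t low_ioport;
			uint32_t high_ioport;
		} ioport;
	} u;
	union {
		uint32_t sclass;	/* security class for genfs */
		uint32_t behavior;	/* labeling behavior for fs_use */
	} v;
	context_struct_t context[2];	/* security context(s) */
	sepol_security_id_t sid[2];	/* SID(s) */
	struct ocontext *next;
} ocontext_t;

/* One genfscon filesystem: its type name and the list of path entries. */
typedef struct genfs {
	char *fstype;
	struct ocontext *head;
	struct genfs *next;
} genfs_t;

/* symbol table array indices */
#define SYM_COMMONS 0
#define SYM_CLASSES 1
#define SYM_ROLES   2
#define SYM_TYPES   3
#define SYM_USERS   4
#define SYM_BOOLS   5
#define SYM_LEVELS  6
#define SYM_CATS    7
#define SYM_NUM     8

/* object context array indices */
#define OCON_ISID  0	/* initial SIDs */
#define OCON_FS    1	/* unlabeled file systems */
#define OCON_PORT  2	/* TCP and UDP port numbers */
#define OCON_NETIF 3	/* network interfaces */
#define OCON_NODE  4	/* nodes */
#define OCON_FSUSE 5	/* fs_use */
#define OCON_NODE6 6	/* IPv6 nodes */
#define OCON_GENFS 7	/* needed for ocontext_supported; NOT an index into
			 * ocontexts[OCON_NUM] (7 is out of range there) */

/* object context array indices for Xen */
#define OCON_XEN_ISID      0	/* initial SIDs */
#define OCON_XEN_PIRQ      1	/* physical irqs */
#define OCON_XEN_IOPORT    2	/* io ports */
#define OCON_XEN_IOMEM     3	/* io memory */
#define OCON_XEN_PCIDEVICE 4	/* pci devices */

/* OCON_NUM is the size of each platform's ocontext array, i.e. one more
 * than the largest index any platform uses (OCON_NODE6 == 6 today). */
#define OCON_NUM   7

/* section: module information */

/* scope_index_t holds all of the symbols that are in scope in a
 * particular situation.  The bitmaps are indices (and thus must
 * subtract one) into the global policydb->scope array. */
typedef struct scope_index {
	ebitmap_t scope[SYM_NUM];
#define p_classes_scope scope[SYM_CLASSES]
#define p_roles_scope scope[SYM_ROLES]
#define p_types_scope scope[SYM_TYPES]
#define p_users_scope scope[SYM_USERS]
#define p_bools_scope scope[SYM_BOOLS]
#define p_sens_scope scope[SYM_LEVELS]
#define p_cat_scope scope[SYM_CATS]

	/* this array maps from class->value to the permissions within
	 * scope.  if bit (perm->value - 1) is set in map
	 * class_perms_map[class->value - 1] then that permission is
	 * enabled for this class within this decl.  */
	ebitmap_t *class_perms_map;
	/* total number of classes in class_perms_map array */
	uint32_t class_perms_len;
} scope_index_t;

/* a list of declarations for a particular avrule_decl */

/* These two structs declare a block of policy that has TE and RBAC
 * statements and declarations.  The root block (the global policy)
 * can never have an ELSE branch. */
typedef struct avrule_decl {
	uint32_t decl_id;
	uint32_t enabled;	/* whether this block is enabled */

	cond_list_t *cond_list;
	avrule_t *avrules;
	role_trans_rule_t *role_tr_rules;
	role_allow_rule_t *role_allow_rules;
	range_trans_rule_t *range_tr_rules;
	scope_index_t required;	/* symbols needed to activate this block */
	scope_index_t declared;	/* symbols declared within this block */

	/* type transition rules with a 'name' component */
	filename_trans_rule_t *filename_trans_rules;

	/* for additive statements (type attribute, roles, and users) */
	symtab_t symtab[SYM_NUM];

	/* In a linked module this will contain the name of the module
	 * from which this avrule_decl originated. */
	char *module_name;

	struct avrule_decl *next;
} avrule_decl_t;

typedef struct avrule_block {
	avrule_decl_t *branch_list;
	avrule_decl_t *enabled;	/* pointer to which branch is enabled.  this is
				   used in linking and never written to disk */
#define AVRULE_OPTIONAL 1
	uint32_t flags;		/* any flags for this block, currently just optional */
	struct avrule_block *next;
} avrule_block_t;

/* Every identifier has its own scope datum.  The datum describes if
 * the item is to be included into the final policy during
 * expansion. */
typedef struct scope_datum {
/* Required for this decl */
#define SCOPE_REQ  1
/* Declared in this decl */
#define SCOPE_DECL 2
	uint32_t scope;
	uint32_t *decl_ids;
	uint32_t decl_ids_len;
	/* decl_ids is a list of avrule_decl's that declare/require
	 * this symbol.  If scope==SCOPE_DECL then this is a list of
	 * declarations.  If the symbol may only be declared once
	 * (types, bools) then decl_ids_len will be exactly 1.  For
	 * implicitly declared things (roles, users) then decl_ids_len
	 * will be at least 1. */
} scope_datum_t;

/* The policy database */
typedef struct policydb {
#define POLICY_KERN SEPOL_POLICY_KERN
#define POLICY_BASE SEPOL_POLICY_BASE
#define POLICY_MOD SEPOL_POLICY_MOD
	uint32_t policy_type;	/* POLICY_KERN, POLICY_BASE or POLICY_MOD */
	char *name;
	char *version;
	int target_platform;	/* SEPOL_TARGET_SELINUX or SEPOL_TARGET_XEN (see below) */

	/* Set when the policydb is modified such that writing is unsupported */
	int unsupported_format;

	/* Whether this policydb is mls, should always be set */
	int mls;

	/* symbol tables */
	symtab_t symtab[SYM_NUM];
#define p_commons symtab[SYM_COMMONS]
#define p_classes symtab[SYM_CLASSES]
#define p_roles symtab[SYM_ROLES]
#define p_types symtab[SYM_TYPES]
#define p_users symtab[SYM_USERS]
#define p_bools symtab[SYM_BOOLS]
#define p_levels symtab[SYM_LEVELS]
#define p_cats symtab[SYM_CATS]

	/* symbol names indexed by (value - 1) */
	char **sym_val_to_name[SYM_NUM];
#define p_common_val_to_name sym_val_to_name[SYM_COMMONS]
#define p_class_val_to_name sym_val_to_name[SYM_CLASSES]
#define p_role_val_to_name sym_val_to_name[SYM_ROLES]
#define p_type_val_to_name sym_val_to_name[SYM_TYPES]
#define p_user_val_to_name sym_val_to_name[SYM_USERS]
#define p_bool_val_to_name sym_val_to_name[SYM_BOOLS]
#define p_sens_val_to_name sym_val_to_name[SYM_LEVELS]
#define p_cat_val_to_name sym_val_to_name[SYM_CATS]

	/* class, role, user, and type attributes indexed by (value - 1) */
	class_datum_t **class_val_to_struct;
	role_datum_t **role_val_to_struct;
	user_datum_t **user_val_to_struct;
	type_datum_t **type_val_to_struct;

	/* module stuff section -- used in parsing and for modules */

	/* keep track of the scope for every identifier.  these are
	 * hash tables, where the key is the identifier name and value
	 * a scope_datum_t.  as a convenience, one may use the
	 * p_*_macros (cf. struct scope_index_t declaration). */
	symtab_t scope[SYM_NUM];

	/* module rule storage */
	avrule_block_t *global;
	/* avrule_decl index used for link/expand */
	avrule_decl_t **decl_val_to_struct;

	/* compiled storage of rules - use for the kernel policy */

	/* type enforcement access vectors and transitions */
	avtab_t te_avtab;

	/* bools indexed by (value - 1) */
	cond_bool_datum_t **bool_val_to_struct;
	/* type enforcement conditional access vectors and transitions */
	avtab_t te_cond_avtab;
	/* linked list indexing te_cond_avtab by conditional */
	cond_list_t *cond_list;

	/* role transitions */
	role_trans_t *role_tr;

	/* type transition rules with a 'name' component */
	filename_trans_t *filename_trans;

	/* role allows */
	role_allow_t *role_allow;

	/* security contexts of initial SIDs, unlabeled file systems,
	   TCP or UDP port numbers, network interfaces and nodes */
	ocontext_t *ocontexts[OCON_NUM];

	/* security contexts for files in filesystems that cannot support
	   a persistent label mapping or use another
	   fixed labeling behavior. */
	genfs_t *genfs;

	/* range transitions */
	range_trans_t *range_tr;

	ebitmap_t *type_attr_map;

	ebitmap_t *attr_type_map;	/* not saved in the binary policy */

	ebitmap_t policycaps;

	/* this bitmap is referenced by type NOT the typical type-1 used in other
	   bitmaps.  Someday the 0 bit may be used for global permissive */
	ebitmap_t permissive_map;

	/* binary format version; compared against the (MOD_)POLICYDB_VERSION_*
	 * constants defined below */
	unsigned policyvers;

	/* handling of unknown classes/perms; presumably one of DENY_UNKNOWN,
	 * REJECT_UNKNOWN or ALLOW_UNKNOWN (see POLICYDB_CONFIG_UNKNOWN_MASK) */
	unsigned handle_unknown;
} policydb_t;

/* Opaque public handle: the policydb is embedded, not pointed to. */
struct sepol_policydb {
	struct policydb p;
};

/* Initialise *p to an empty policydb.  Returns 0 or -1. */
extern int policydb_init(policydb_t * p);

/* Parse the binary policy image at (data, len) into *policydb.
 * `len` is the only bound the reader has on `data`, so callers must pass
 * the exact image size, never a larger buffer capacity. */
extern int policydb_from_image(sepol_handle_t * handle,
			       void *data, size_t len, policydb_t * policydb);

/* Serialise *policydb into a freshly allocated buffer returned via
 * (*newdata, *newlen); the caller owns and frees *newdata. */
extern int policydb_to_image(sepol_handle_t * handle,
			     policydb_t * policydb, void **newdata,
			     size_t * newlen);

/* Build the value -> name / value -> struct index arrays. */
extern int policydb_index_classes(policydb_t * p);

extern int policydb_index_bools(policydb_t * p);

extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p,
				 unsigned int verbose);

extern int policydb_reindex_users(policydb_t * p);

/* Release everything owned by *p.  The policydb_t itself is not freed
 * (it may be embedded, cf. struct sepol_policydb). */
extern void policydb_destroy(policydb_t * p);

/* Populate the SID table *s from the initial SID contexts in *p. */
extern int policydb_load_isids(policydb_t * p, sidtab_t * s);

/* Deprecated */
extern int policydb_context_isvalid(const policydb_t * p,
				    const context_struct_t * c);

extern void symtabs_destroy(symtab_t * symtab);
extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p);
typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d,
					void *args);
/* Destructor for the datum type stored in symtab[sym_num] (a SYM_* index). */
extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num);

/* Constructors/destructors for the module-side structures above.
 * *_init functions take already-allocated storage; *_destroy functions
 * release what the structure owns, *_list_destroy walks the `next` chain. */
extern void class_perm_node_init(class_perm_node_t * x);
extern void type_set_init(type_set_t * x);
extern void type_set_destroy(type_set_t * x);
extern int type_set_cpy(type_set_t * dst, type_set_t * src);
extern int type_set_or_eq(type_set_t * dst, type_set_t * other);
extern void role_set_init(role_set_t * x);
extern void role_set_destroy(role_set_t * x);
extern void avrule_init(avrule_t * x);
extern void avrule_destroy(avrule_t * x);
extern void avrule_list_destroy(avrule_t * x);
extern void role_trans_rule_init(role_trans_rule_t * x);
extern void role_trans_rule_list_destroy(role_trans_rule_t * x);
extern void filename_trans_rule_init(filename_trans_rule_t * x);
extern void filename_trans_rule_list_destroy(filename_trans_rule_t * x);

extern void role_datum_init(role_datum_t * x);
extern void role_datum_destroy(role_datum_t * x);
extern void role_allow_rule_init(role_allow_rule_t * x);
extern void role_allow_rule_destroy(role_allow_rule_t * x);
extern void role_allow_rule_list_destroy(role_allow_rule_t * x);
extern void range_trans_rule_init(range_trans_rule_t *x);
extern void range_trans_rule_destroy(range_trans_rule_t *x);
extern void range_trans_rule_list_destroy(range_trans_rule_t *x);
extern void type_datum_init(type_datum_t * x);
extern void type_datum_destroy(type_datum_t * x);
extern void user_datum_init(user_datum_t * x);
extern void user_datum_destroy(user_datum_t * x);
extern void level_datum_init(level_datum_t * x);
extern void level_datum_destroy(level_datum_t * x);
extern void cat_datum_init(cat_datum_t * x);
extern void cat_datum_destroy(cat_datum_t * x);

/* Check the neverallow rules in `avrules` against the compiled policy *p. */
extern int check_assertions(sepol_handle_t * handle,
			    policydb_t * p, avrule_t * avrules);

/* Insert `datum` under `key` into symbol table `sym` (a SYM_* index) of *x,
 * recording scope (SCOPE_REQ/SCOPE_DECL) and the declaring avrule_decl;
 * the assigned value is returned through *value. */
extern int symtab_insert(policydb_t * x, uint32_t sym,
			 hashtab_key_t key, hashtab_datum_t datum,
			 uint32_t scope, uint32_t avrule_decl_id,
			 uint32_t * value);

/* A policy "file" may be a memory region referenced by a (data, len) pair
   or a file referenced by a FILE pointer. */
typedef struct policy_file {
#define PF_USE_MEMORY  0
#define PF_USE_STDIO   1
#define PF_LEN         2	/* total up length in len field */
	unsigned type;		/* PF_USE_MEMORY, PF_USE_STDIO or PF_LEN */
	char *data;		/* PF_USE_MEMORY: current read/write position */
	size_t len;		/* PF_USE_MEMORY: bytes remaining; PF_LEN: running total */
	size_t size;
	FILE *fp;		/* PF_USE_STDIO */
	struct sepol_handle *handle;
} policy_file_t;

/* Opaque public handle around policy_file_t. */
struct sepol_policy_file {
	struct policy_file pf;
};

extern void policy_file_init(policy_file_t * x);

/* Read a binary policy from *fp into *p (untrusted input; the reader is
 * expected to validate every length and index it decodes). */
extern int policydb_read(policydb_t * p, struct policy_file *fp,
			 unsigned int verbose);
extern int avrule_read_list(policydb_t * p, avrule_t ** avrules,
			    struct policy_file *fp);

extern int policydb_write(struct policydb *p, struct policy_file *pf);
extern int policydb_set_target_platform(policydb_t *p, int platform);

#define PERM_SYMTAB_SIZE 32

/* Identify specific policy version changes */
#define POLICYDB_VERSION_BASE		15
#define POLICYDB_VERSION_BOOL		16
#define POLICYDB_VERSION_IPV6		17
#define POLICYDB_VERSION_NLCLASS	18
#define POLICYDB_VERSION_VALIDATETRANS	19
#define POLICYDB_VERSION_MLS		19
#define POLICYDB_VERSION_AVTAB		20
#define POLICYDB_VERSION_RANGETRANS	21
#define POLICYDB_VERSION_POLCAP		22
#define POLICYDB_VERSION_PERMISSIVE	23
#define POLICYDB_VERSION_BOUNDARY	24
#define POLICYDB_VERSION_FILENAME_TRANS	25
#define POLICYDB_VERSION_ROLETRANS	26
#define POLICYDB_VERSION_NEW_OBJECT_DEFAULTS	27
#define POLICYDB_VERSION_DEFAULT_TYPE	28
#define POLICYDB_VERSION_CONSTRAINT_NAMES	29

/* Range of policy versions we understand */
#define POLICYDB_VERSION_MIN	POLICYDB_VERSION_BASE
#define POLICYDB_VERSION_MAX	POLICYDB_VERSION_CONSTRAINT_NAMES

/* Module versions and specific changes */
#define MOD_POLICYDB_VERSION_BASE		4
#define MOD_POLICYDB_VERSION_VALIDATETRANS	5
#define MOD_POLICYDB_VERSION_MLS		5
#define MOD_POLICYDB_VERSION_RANGETRANS 	6
#define MOD_POLICYDB_VERSION_MLS_USERS		6
#define MOD_POLICYDB_VERSION_POLCAP		7
#define MOD_POLICYDB_VERSION_PERMISSIVE		8
#define MOD_POLICYDB_VERSION_BOUNDARY		9
#define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS	10
#define MOD_POLICYDB_VERSION_FILENAME_TRANS	11
#define MOD_POLICYDB_VERSION_ROLETRANS		12
#define MOD_POLICYDB_VERSION_ROLEATTRIB		13
#define MOD_POLICYDB_VERSION_TUNABLE_SEP	14
#define MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS	15
#define MOD_POLICYDB_VERSION_DEFAULT_TYPE	16
#define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES	17

#define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE
#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_CONSTRAINT_NAMES

#define POLICYDB_CONFIG_MLS    1

/* macros to check policy feature */

/* TODO: add other features here */

/* True if the policy's format version carries type/role/user bounds.
 * Every use of `p` is parenthesized so the macro is safe for expression
 * arguments such as `&pdb` or `a ? b : c`. */
#define policydb_has_boundary_feature(p)			\
	(((p)->policy_type == POLICY_KERN			\
	  && (p)->policyvers >= POLICYDB_VERSION_BOUNDARY) ||	\
	 ((p)->policy_type != POLICY_KERN			\
	  && (p)->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY))

/* the config flags related to unknown classes/perms are bits 2 and 3 */
#define DENY_UNKNOWN	SEPOL_DENY_UNKNOWN
#define REJECT_UNKNOWN	SEPOL_REJECT_UNKNOWN
#define ALLOW_UNKNOWN 	SEPOL_ALLOW_UNKNOWN

#define POLICYDB_CONFIG_UNKNOWN_MASK	(DENY_UNKNOWN | REJECT_UNKNOWN | ALLOW_UNKNOWN)

#define OBJECT_R "object_r"
#define OBJECT_R_VAL 1

#define POLICYDB_MAGIC SELINUX_MAGIC
#define POLICYDB_STRING "SE Linux"
#define POLICYDB_XEN_STRING "XenFlask"
#define POLICYDB_STRING_MAX_LENGTH 32
#define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC
#define POLICYDB_MOD_STRING "SE Linux Module"
#define SEPOL_TARGET_SELINUX 0
#define SEPOL_TARGET_XEN 1

#endif	/* _SEPOL_POLICYDB_POLICYDB_H_ */

/* FLASK */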